eSigner Demo Credentials and Certificates

SSL.com maintains a separate “sandbox” environment for our eSigner cloud signing service so that users can experiment with the different apps, utilities, and APIs before working with production Document Signing and EV Code Signing certificates. This how-to includes demo credentials, QR codes, and configuration information to ease experimental use of the eSigner Express Sandbox, CodeSignTool, DocSignTool, and CSC, Code Signing, and Document Signing APIs.

For instructions on how to automate EV Code Signing using signtool.exe or certutil.exe please review this how-to.

Demo eSigner Credentials

Use these demo credentials when logging into the eSigner Express Sandbox, testing the CodeSignTool and DocSignTool command-line utilities, or retrieving access tokens for API testing:

  • Username: esigner_demo
  • Password: esignerDemo#1

Demo QR Codes and TOTP Secrets

Scan the QR codes below into a two-factor authentication app like Authy or Google Authenticator to generate time-based one-time passwords (TOTPs) for use when testing eSigner. You can also use the TOTP Secrets below to automate signing with CodeSignTool and DocSignTool.

Document Signing Certificate

  • QR Code:
    Test QR Code for Document Signing Certificates
  • TOTP Secret: JrQzGNoMUQbJyNb6RecxX2TTImVz0uItDnzWbslMagM=

EV Code Signing Certificate

  • QR Code:
    eSigner code signing demo QR code
  • TOTP Secret: RDXYgV9qju+6/7GnMf1vCbKexXVJmUVr+86Wq/8aIGg=

API Usage

To use the above demo credentials with the CSC, Code Signing, and Document Signing APIs, please use the following URLs and Client ID in your requests:

Note: Client Secret is not a required parameter when using the eSigner demo credentials in API.
  • Auth URL: https://oauth-sandbox.ssl.com/oauth2/authorize
  • Access Token URL: https://oauth-sandbox.ssl.com/oauth2/token
  • CSC API: https://cs-try.ssl.com/v0/
  • Document Signing API: https://ds-try.ssl.com/v1/
  • Code Signing API: https://cs-try.ssl.com/v1/
  • Client ID: qOUeZCCzSqgA93acB3LYq6lBNjgZdiOxQc-KayC3UMw

CodeSignTool and DocSignTool Configuration

To use the above demo credentials with the CodeSignTool and DocSignTool command-line utilities, they must be reconfigured to point to the eSigner test environment. To do so, replace the contents of conf/code_sign_tool.properties or conf/doc_sign_tool.properties with the following text:

CLIENT_ID=qOUeZCCzSqgA93acB3LYq6lBNjgZdiOxQc-KayC3UMw
OAUTH2_ENDPOINT=https://oauth-sandbox.ssl.com/oauth2/token
CSC_API_ENDPOINT=https://cs-try.ssl.com
TSA_URL=http://ts.ssl.com
Note: By default, SSL.com supports timestamps from ECDSA keys. If you encounter this error: The timestamp certificate does not meet a minimum public key length requirement, you should contact your software vendor to permit timestamps from ECDSA keys. If there is no way for your software vendor to allow for the normal endpoint to be used, you can use this legacy endpoint http://ts.ssl.com/legacy to get a timestamp from an RSA Timestamping Unit.
Thank you for choosing SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.
Twitter
Facebook
LinkedIn
Reddit
Email

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.